ImageMagick CVE-2017-1000445 Denial of Service Vulnerability

ImageMagick is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause a denial-of-service condition.

ImageMagick 7.0.7-1 and prior versions are vulnerable.

Information

Bugtraq ID: 102368
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-1000445

Remote: Yes
Local: No
Published: Jan 02 2018 12:00AM
Updated: Jan 02 2018 12:00AM
Credit: viennadd
Vulnerable: ImageMagick ImageMagick 7.0.7-1

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

Null Pointer Dereference at SketchImage of MagickCore/fx.c #775 (ImageMagick)
ImageMagick Homepage (ImageMagick)

Source: www.securityfocus.com

Exploit Collector

Search Exploit